Fake AmEx emails
Fake AmEx emails: a reader asks…
Hi Coach, I’m getting more suspicious all the time, thanks to you! Can you please verify that the email I’ve forwarded to you is a fake? It’s from American Express and warns me about a problem with my account. I don’t want to go someplace and find that my AmEx card won’t work, but I’m afraid to click on anything in the message.
You are right to be wary, the email is a stone-cold fake. What makes this worse than the usual fake emails I’ve been warning about (see this article for example), is that they’ve managed to get some domain names that look possibly legit. Notice the From line, which shows a domain name of aexp.com – not anywhere near the legit americanexpress.com domain name, but close enough that someone might overlook it. And when you hover over the internal links in the email, they all point to a domain americaexpressglobal.com which also looks sorta legit – but isn’t.
Fortunately, I use Spam Experts to pre-screen all my incoming email, and it caught the email. So I viewed it in their quarantine view and quickly saw that it was fake. Unfortunately, consumers can’t purchase Spam Experts services on their own, it has to be part of your email service provider (Web Host, Internet Service Provider, a Reseller, or via your Company (enterprise services).
What you can do is examine incoming emails closely. Look at the From line and make sure the domain name (everything after the @ sign) matches the company or sender’s official domain name exactly. Also hover your cursor over each link in the email (look at the bottom of your screen for where that link points) and make sure the links point to a legit domain name. Also look for signs that the email is fake – these days no financial institution should be sending you an email with a hyperlink to log into your account. If you use Outlook, you can send email to the Junk email folder – examine it there since that folder disables all hyperlinks. For webmail users (like the popular Gmail), you can easily report spam by using the button (stop sign with Exclamation point icon).
And keep doing what you’re doing – being suspicious of every email that makes it to your inbox. Feel free to send me a copy (or a screenshot) for verification, or forward this email to spoof@americanexpress.com (check with the official sender for what address to send suspect emails from other organizations). But whatever you do, don’t click on hyperlinks in unfamiliar emails!
This website runs on a patronage model. If you find my answers of value, please consider supporting me by sending any dollar amount via:
or by mailing a check/cash to PosiTek.net LLC 1934 Old Gallows Road, Suite 350, Tysons Corner VA 22182. I am not a non-profit, but your support helps me to continue delivering advice and consumer technology support to the public. Thanks!